Signature List
No.  Date  ID  Signature (Total Ruleset: 27,111)
23,561  2016/09/16  2023211  ET TROJAN Windows driverquery -v Microsoft Windows DOS prompt command exit OUTBOUND;
23,560  2016/09/16  2023212  ET TROJAN Windows driverquery -si Microsoft Windows DOS prompt command exit OUTBOUND;
23,559  2016/09/16  2023206  ET TROJAN Windows Microsoft Windows DOS prompt command Error Invalid Argument;
23,558  2016/09/16  2023207  ET TROJAN Windows Microsoft Windows DOS prompt command Error not recognized;
23,557  2016/09/16  2023208  ET TROJAN Windows Microsoft Windows DOS prompt command Error not found;
23,556  2016/09/16  2023209  ET TROJAN Windows net statistics workstation Microsoft Windows DOS prompt command exit OUTBOUND;
23,555  2016/09/16  2023210  ET TROJAN Windows net statistics server Microsoft Windows DOS prompt command exit OUTBOUND;
23,554  2016/09/15  2023205  ET TROJAN Windows dir Microsoft Windows DOS prompt command exit OUTBOUND;
23,553  2016/09/15  2023204  ET TROJAN Quant Loader Download Response;
23,552  2016/09/15  2023203  ET TROJAN Quant Loader Download Request;
23,551  2016/09/15  2023201  ET EXPLOIT Possible MySQL CVE-2016-6662 Attempt; [1
23,550  2016/09/15  2023202  ET EXPLOIT Possible MySQL cnf overwrite CVE-2016-6662 Attempt; [1
23,549  2016/09/15  2023200  ET CURRENT_EVENTS RIG EK Landing Sep 13 2016 (b643);
23,548  2016/09/15  2023197  ET USER_AGENTS Microsoft Edge on Windows 10 SET;
23,547  2016/09/15  2023198  ET CURRENT_EVENTS RIG EK Landing Sep 13 2016 (b641);
23,546  2016/09/15  2023199  ET CURRENT_EVENTS RIG EK Landing Sep 13 2016 (b642);
23,545  2016/09/14  2023195  ET CURRENT_EVENTS CVE-2016-0189 Exploit as Observed in Sundown/RIG EK (b646);
23,544  2016/09/14  2023190  ET CURRENT_EVENTS CVE-2016-0189 Exploit as Observed in Sundown/RIG EK (b641);
23,543  2016/09/14  2023189  ET CURRENT_EVENTS EITest Inject (compromised site) M2 Sep 12 2016;
23,542  2016/09/14  2023196  ET CURRENT_EVENTS RIG EK Landing Sep 12 2016 T2;
23,541  2016/09/14  2023193  ET CURRENT_EVENTS CVE-2016-0189 Exploit as Observed in Sundown/RIG EK (b644);
23,540  2016/09/14  2023191  ET CURRENT_EVENTS CVE-2016-0189 Exploit as Observed in Sundown/RIG EK (b642);
23,539  2016/09/14  2023194  ET CURRENT_EVENTS CVE-2016-0189 Exploit as Observed in Sundown/RIG EK (b645);
23,538  2016/09/14  2400033  ET DROP Spamhaus DROP Listed Traffic Inbound group 34; [1
23,537  2016/09/14  2023192  ET CURRENT_EVENTS CVE-2016-0189 Exploit as Observed in Sundown/RIG EK (b643);
23,536  2016/09/14  2023188  ET CURRENT_EVENTS EITest Inject (compromised site) Sep 12 2016;
23,535  2016/09/14  2023184  ET EXPLOIT Possible Android Stagefright MP4 (CVE 2016-3861) Set; [1
23,534  2016/09/14  2023187  ET CURRENT_EVENTS Evil Redirector Leading to EK Sep 12 2016;
23,533  2016/09/14  2023185  ET EXPLOIT Possible Android Stagefright MP4 (CVE 2016-3861) ROP; [1
23,532  2016/09/14  2023186  ET CURRENT_EVENTS Evil Redirector Leading to EK Sep 12 2016 (Flash);
23,531  2016/09/09  2023179  ET TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker C2); [1
23,530  2016/09/09  2023183  ET TROJAN OSX/Mokes.A CnC Heartbeat; [1
23,529  2016/09/09  2023181  ET CURRENT_EVENTS Successful Ebay Phish Sept 8 2016;
23,528  2016/09/09  2023182  ET TROJAN OSX/Mokes.A CnC Heartbeat Request (set); [1
23,527  2016/09/09  2023180  ET CURRENT_EVENTS DNS Query to Ebay Phishing Domain;
23,526  2016/09/09  2023178  ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky C2); [1
23,525  2016/09/07  2023160  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
23,524  2016/09/07  2023159  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
23,523  2016/09/07  2023162  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Vawtrak CnC); [1
23,522  2016/09/07  2023154  ET TROJAN BartCrypt Payment DNS Query to .onion proxy Domain (s3clm4lufbmfhmeb);
23,521  2016/09/07  2023156  ET TROJAN Linux/LuaBot CnC Beacon Response; [1
23,520  2016/09/07  2023161  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Vawtrak CnC); [1
23,519  2016/09/07  2023158  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM); [1
23,518  2016/09/07  2023155  ET TROJAN Linux/LuaBot CnC Beacon; [1
23,517  2016/09/07  2023157  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Vawtrak CnC); [1
23,516  2016/09/04  2023152  ET CURRENT_EVENTS Encoded CVE-2014-6332 (As Observed in SunDown EK) M2;
23,515  2016/09/04  2023153  ET CURRENT_EVENTS Encoded CVE-2014-6332 (As Observed in SunDown EK) M3;
23,514  2016/09/04  2023150  ET CURRENT_EVENTS Possible Evil Redirector Leading to EK EITest Sep 02 M2;
23,513  2016/09/04  2023151  ET CURRENT_EVENTS Encoded CVE-2014-6332 (As Observed in SunDown EK) M1;
23,512  2016/09/02  2023148  ET TROJAN Locky Ransomware Writing Instructions via SMB;
GigaVPN & GigaIPS are based on MikroTik, Suricata and EmergingThreats.